Abstract
We introduce a new method for the formal development of secure systems that closely corresponds to the way secure systems are developed in practice. It is based on Focus, a general-purpose approach to the design and verification of distributed, interactive systems. Our method utilizes threat scenarios which are the result of threat identification and risk analysis and model those attacks that are of importance to the system's security. We describe the adversary's behaviour and influence on interaction. Given a suitable system specification, threat scenarios can be derived systematically from that specification. Security is defined as a particular relation on threat scenarios and systems. We show the usefulness of our approach by developing an authentic server component, thereby analysing two simple authentication protocols.
Author supplied keywords
Cite
CITATION STYLE
Lotz, V. (1996). Threat scenarios as a means to formally develop secure systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1146, pp. 242–265). Springer Verlag. https://doi.org/10.1007/3-540-61770-1_40
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
